OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
22 #include "webrtc/base/sslstreamadapter.h" | 22 #include "webrtc/base/sslstreamadapter.h" |
23 #include "webrtc/base/stream.h" | 23 #include "webrtc/base/stream.h" |
24 #include "webrtc/test/testsupport/gtest_disable.h" | 24 #include "webrtc/test/testsupport/gtest_disable.h" |
25 | 25 |
26 using ::testing::WithParamInterface; | 26 using ::testing::WithParamInterface; |
27 using ::testing::Values; | 27 using ::testing::Values; |
28 using ::testing::Combine; | 28 using ::testing::Combine; |
29 using ::testing::tuple; | 29 using ::testing::tuple; |
30 | 30 |
31 static const int kBlockSize = 4096; | 31 static const int kBlockSize = 4096; |
| 32 static const char kAES_CM_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; |
| 33 static const char kAES_CM_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32"; |
32 static const char kExporterLabel[] = "label"; | 34 static const char kExporterLabel[] = "label"; |
33 static const unsigned char kExporterContext[] = "context"; | 35 static const unsigned char kExporterContext[] = "context"; |
34 static int kExporterContextLen = sizeof(kExporterContext); | 36 static int kExporterContextLen = sizeof(kExporterContext); |
35 | 37 |
36 static const char kRSA_PRIVATE_KEY_PEM[] = | 38 static const char kRSA_PRIVATE_KEY_PEM[] = |
37 "-----BEGIN RSA PRIVATE KEY-----\n" | 39 "-----BEGIN RSA PRIVATE KEY-----\n" |
38 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n" | 40 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n" |
39 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" | 41 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" |
40 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" | 42 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" |
41 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n" | 43 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n" |
380 } | 382 } |
381 | 383 |
382 void SetMtu(size_t mtu) { | 384 void SetMtu(size_t mtu) { |
383 mtu_ = mtu; | 385 mtu_ = mtu; |
384 } | 386 } |
385 | 387 |
386 void SetHandshakeWait(int wait) { | 388 void SetHandshakeWait(int wait) { |
387 handshake_wait_ = wait; | 389 handshake_wait_ = wait; |
388 } | 390 } |
389 | 391 |
390 void SetDtlsSrtpCryptoSuites(const std::vector<int>& ciphers, bool client) { | 392 void SetDtlsSrtpCiphers(const std::vector<std::string> &ciphers, |
| 393 bool client) { |
391 if (client) | 394 if (client) |
392 client_ssl_->SetDtlsSrtpCryptoSuites(ciphers); | 395 client_ssl_->SetDtlsSrtpCiphers(ciphers); |
393 else | 396 else |
394 server_ssl_->SetDtlsSrtpCryptoSuites(ciphers); | 397 server_ssl_->SetDtlsSrtpCiphers(ciphers); |
395 } | 398 } |
396 | 399 |
397 bool GetDtlsSrtpCryptoSuite(bool client, int* retval) { | 400 bool GetDtlsSrtpCipher(bool client, std::string *retval) { |
398 if (client) | 401 if (client) |
399 return client_ssl_->GetDtlsSrtpCryptoSuite(retval); | 402 return client_ssl_->GetDtlsSrtpCipher(retval); |
400 else | 403 else |
401 return server_ssl_->GetDtlsSrtpCryptoSuite(retval); | 404 return server_ssl_->GetDtlsSrtpCipher(retval); |
402 } | 405 } |
403 | 406 |
404 bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) { | 407 bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) { |
405 if (client) | 408 if (client) |
406 return client_ssl_->GetPeerCertificate(cert); | 409 return client_ssl_->GetPeerCertificate(cert); |
407 else | 410 else |
408 return server_ssl_->GetPeerCertificate(cert); | 411 return server_ssl_->GetPeerCertificate(cert); |
409 } | 412 } |
410 | 413 |
411 bool GetSslCipherSuite(bool client, int* retval) { | 414 bool GetSslCipherSuite(bool client, int* retval) { |
799 MAYBE_SKIP_TEST(HaveDtls); | 802 MAYBE_SKIP_TEST(HaveDtls); |
800 SetDamage(); // Must be called first because first packet | 803 SetDamage(); // Must be called first because first packet |
801 // write happens at end of handshake. | 804 // write happens at end of handshake. |
802 TestHandshake(); | 805 TestHandshake(); |
803 TestTransfer(100); | 806 TestTransfer(100); |
804 }; | 807 }; |
805 | 808 |
806 // Test DTLS-SRTP with all high ciphers | 809 // Test DTLS-SRTP with all high ciphers |
807 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { | 810 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { |
808 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 811 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
809 std::vector<int> high; | 812 std::vector<std::string> high; |
810 high.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 813 high.push_back(kAES_CM_HMAC_SHA1_80); |
811 SetDtlsSrtpCryptoSuites(high, true); | 814 SetDtlsSrtpCiphers(high, true); |
812 SetDtlsSrtpCryptoSuites(high, false); | 815 SetDtlsSrtpCiphers(high, false); |
813 TestHandshake(); | 816 TestHandshake(); |
814 | 817 |
815 int client_cipher; | 818 std::string client_cipher; |
816 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 819 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
817 int server_cipher; | 820 std::string server_cipher; |
818 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 821 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
819 | 822 |
820 ASSERT_EQ(client_cipher, server_cipher); | 823 ASSERT_EQ(client_cipher, server_cipher); |
821 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80); | 824 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); |
822 }; | 825 }; |
823 | 826 |
824 // Test DTLS-SRTP with all low ciphers | 827 // Test DTLS-SRTP with all low ciphers |
825 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { | 828 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { |
826 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 829 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
827 std::vector<int> low; | 830 std::vector<std::string> low; |
828 low.push_back(rtc::SRTP_AES128_CM_SHA1_32); | 831 low.push_back(kAES_CM_HMAC_SHA1_32); |
829 SetDtlsSrtpCryptoSuites(low, true); | 832 SetDtlsSrtpCiphers(low, true); |
830 SetDtlsSrtpCryptoSuites(low, false); | 833 SetDtlsSrtpCiphers(low, false); |
831 TestHandshake(); | 834 TestHandshake(); |
832 | 835 |
833 int client_cipher; | 836 std::string client_cipher; |
834 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 837 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
835 int server_cipher; | 838 std::string server_cipher; |
836 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 839 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
837 | 840 |
838 ASSERT_EQ(client_cipher, server_cipher); | 841 ASSERT_EQ(client_cipher, server_cipher); |
839 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_32); | 842 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_32); |
840 }; | 843 }; |
841 | 844 |
842 | 845 |
843 // Test DTLS-SRTP with a mismatch -- should not converge | 846 // Test DTLS-SRTP with a mismatch -- should not converge |
844 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { | 847 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { |
845 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 848 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
846 std::vector<int> high; | 849 std::vector<std::string> high; |
847 high.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 850 high.push_back(kAES_CM_HMAC_SHA1_80); |
848 std::vector<int> low; | 851 std::vector<std::string> low; |
849 low.push_back(rtc::SRTP_AES128_CM_SHA1_32); | 852 low.push_back(kAES_CM_HMAC_SHA1_32); |
850 SetDtlsSrtpCryptoSuites(high, true); | 853 SetDtlsSrtpCiphers(high, true); |
851 SetDtlsSrtpCryptoSuites(low, false); | 854 SetDtlsSrtpCiphers(low, false); |
852 TestHandshake(); | 855 TestHandshake(); |
853 | 856 |
854 int client_cipher; | 857 std::string client_cipher; |
855 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 858 ASSERT_FALSE(GetDtlsSrtpCipher(true, &client_cipher)); |
856 int server_cipher; | 859 std::string server_cipher; |
857 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 860 ASSERT_FALSE(GetDtlsSrtpCipher(false, &server_cipher)); |
858 }; | 861 }; |
859 | 862 |
860 // Test DTLS-SRTP with each side being mixed -- should select high | 863 // Test DTLS-SRTP with each side being mixed -- should select high |
861 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { | 864 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { |
862 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 865 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
863 std::vector<int> mixed; | 866 std::vector<std::string> mixed; |
864 mixed.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 867 mixed.push_back(kAES_CM_HMAC_SHA1_80); |
865 mixed.push_back(rtc::SRTP_AES128_CM_SHA1_32); | 868 mixed.push_back(kAES_CM_HMAC_SHA1_32); |
866 SetDtlsSrtpCryptoSuites(mixed, true); | 869 SetDtlsSrtpCiphers(mixed, true); |
867 SetDtlsSrtpCryptoSuites(mixed, false); | 870 SetDtlsSrtpCiphers(mixed, false); |
868 TestHandshake(); | 871 TestHandshake(); |
869 | 872 |
870 int client_cipher; | 873 std::string client_cipher; |
871 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 874 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
872 int server_cipher; | 875 std::string server_cipher; |
873 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 876 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
874 | 877 |
875 ASSERT_EQ(client_cipher, server_cipher); | 878 ASSERT_EQ(client_cipher, server_cipher); |
876 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80); | 879 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); |
877 }; | 880 }; |
878 | 881 |
879 // Test an exporter | 882 // Test an exporter |
880 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { | 883 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { |
881 MAYBE_SKIP_TEST(HaveExporter); | 884 MAYBE_SKIP_TEST(HaveExporter); |
882 TestHandshake(); | 885 TestHandshake(); |
883 unsigned char client_out[20]; | 886 unsigned char client_out[20]; |
884 unsigned char server_out[20]; | 887 unsigned char server_out[20]; |
885 | 888 |
886 bool result; | 889 bool result; |
1051 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | 1054 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
1052 INSTANTIATE_TEST_CASE_P( | 1055 INSTANTIATE_TEST_CASE_P( |
1053 SSLStreamAdapterTestsDTLS, | 1056 SSLStreamAdapterTestsDTLS, |
1054 SSLStreamAdapterTestDTLS, | 1057 SSLStreamAdapterTestDTLS, |
1055 Combine(Values(rtc::KeyParams::RSA(1024, 65537), | 1058 Combine(Values(rtc::KeyParams::RSA(1024, 65537), |
1056 rtc::KeyParams::RSA(1152, 65537), | 1059 rtc::KeyParams::RSA(1152, 65537), |
1057 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 1060 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), |
1058 Values(rtc::KeyParams::RSA(1024, 65537), | 1061 Values(rtc::KeyParams::RSA(1024, 65537), |
1059 rtc::KeyParams::RSA(1152, 65537), | 1062 rtc::KeyParams::RSA(1152, 65537), |
1060 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | 1063 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
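Review bot: The fixture helper `SetDtlsSrtpCiphers` (new lines 392–398) drops whatever the adapter's setter reports, so with profiles now passed as free-form strings a misspelled or unsupported name would go unnoticed. That matters most for `TestDTLSSrtpHighLow` (new lines 847–861): its two `ASSERT_FALSE(GetDtlsSrtpCipher(...))` checks would also pass if neither side had any SRTP profile configured, so the test would not distinguish a negotiated mismatch from a setup failure. Assuming the adapter method returns a bool status (its declaration is not on this page), let the helper return it, `return client ? client_ssl_->SetDtlsSrtpCiphers(ciphers) : server_ssl_->SetDtlsSrtpCiphers(ciphers);`, and wrap each call as `ASSERT_TRUE(SetDtlsSrtpCiphers(high, true));`. As a style point, `std::vector<std::string> &ciphers` and `std::string *retval` place `&`/`*` differently from the neighbouring `int* retval` and `rtc::SSLCertificate** cert`.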